Class BinderControllerAdvice


  • @ControllerAdvice
    @Order
    public class BinderControllerAdvice
    extends Object
    • Constructor Detail

      • BinderControllerAdvice

        public BinderControllerAdvice()
    • Method Detail

      • setAllowedFields

        @InitBinder
        public void setAllowedFields​(org.springframework.web.bind.WebDataBinder dataBinder)
        Should prevent Spring4Shell vulnerability (but we believe midPoint does not allow it anyway). See https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement[this] for more info.